CVE-2024-53224: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-53224 affects the Linux kernel's RDMA/mlx5 driver, specifically concerning a race condition in the events notifier registration process. The vulnerability was discovered and disclosed in December 2024, affecting Linux kernel versions from 4.6 up to (excluding) 6.6.64, from 6.7 up to (excluding) 6.11.11, and from 6.12 up to (excluding) 6.12.2. The issue involves a race between device deregistration and pkey change work (NVD).

The vulnerability stems from incorrect ordering of events notifier registration in relation to device registration in the RDMA/mlx5 driver. The issue occurs when MLX5_IB_STAGE_DEVICE_NOTIFIER is executed before MLX5_IB_STAGE_IB_REG, leading to a potential race condition where works can be executed after device unregistration. This results in a NULL pointer dereference, causing a kernel panic. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can cause a denial of service condition through a kernel panic. The issue specifically affects systems using the MLX5 InfiniBand driver, potentially disrupting RDMA (Remote Direct Memory Access) operations. The vulnerability can lead to system crashes when the race condition is triggered during device deregistration (NVD).

The vulnerability has been fixed by moving the events notifier registration to occur after device registration. The fix involves relocating the MLX5_IB_STAGE_DEVICE_NOTIFIER stage to execute after MLX5_IB_STAGE_IB_REG, ensuring proper deregistration order. Users should update to kernel versions 6.6.64, 6.11.11, or 6.12.2 or later, depending on their kernel branch (Kernel Patch).